Why Your Passwords Might Not be as Secure as You Think

This year there were several high profile password hacking incidents at major websites including Yahoo, LinkedIn and eHarmony. Even with these high profile security breaches, people continue to put themselves at risk by using weak, easily guessable passwords. Using a different password for every website and service, you sign up for is best practice and the most secure. That way when a site gets hacked, only your info at that site is in jeopardy.

The top three passwords for 2012, “password,” “123456,” and “12345678,” remain unchanged from last year’s list according to SplashData. Their list is compiled from files posted online by hackers.

New to this year’s list: “welcome, ” “jesus,” “ninja,” “mustang, ” and “password1.”

So, your passwords aren’t on the list, but are they strong enough? The NIST (National Institute of Standards and Technology) states a strong password should contain no less than 12 characters. Sure, you can use shorter passwords, but the longer the password the greater the protection. The length of your password is the biggest factor in determining how strong it is. Then there is complexity. Just adding a number “1” or “2” and replacing a letter with @, is not going to fool password cracking tools. The tools the hackers use are optimized to guess at passwords using patterns like these. Complexity, if it is random and truly unique is what will give you the security you need from hackers. Try PassFault.com to see just how strong your passwords are.

What about those password reset questions? With a little bit of research, your birthplace and mother’s maiden name can be easily figured out. Some websites let you create your own password reset question. This could be more secure, if you use a question and answer that only you would know.

How do you remember all those passwords? Trying using one of the password manager apps that are available like Keeper, 1Password and RoboForm. Not only do they help you keep track of all your login and password information, but they can help you generate secure passwords and sync between multiple devices.

It is impossible to be 100% secure. We can’t control websites getting hacked. What we can do is reduce our personal risk by using strong passwords.